DARPA Kicks Off Two-Year Cybersecurity Hack-A-Thon

Over the past year, computer security experts have been preparing for the Defense Advanced Research Projects Agency's Cyber Grand Challenge — a first-of-its-kind cybersecurity competition — but now, the time has come to get hacking.

This week marks the beginning of the tournament, and DARPA — the branch of the U.S. Department of Defense charged with developing new technologies for the military — is inviting teams of security experts around the world to take a first look at the competition's virtual platform and try their hand at a few sample challenges.

The Cyber Grand Challenge is designed to spur the development of new security systems that can automatically identify and defend against cyberattacks.

"Today's security methods involve experts working with computerized systems to identify attacks, craft corrective patches and signatures, and distribute those correctives to users everywhere — a process that can take months from the time an attack is first launched," Mike Walker, DARPA program manager, said in a statement.

The tournament is part of a broader initiative by DARPA to help solve a problem that's been nagging security experts for decades: how to stop cyberattacks before they start.

"The only effective approach to defending against today's ever-increasing volume and diversity of attacks is to shift to fully automated systems capable of discovering and neutralizing attacks instantly," Walker said.

Each team in the Cyber Grand Challenge will be tasked with developing an automated system that will be tested over the next two years at a series of competitions throughout the United States.

The competitions will follow a "capture the flag" format, in which hackers attempt to attack and defend computers and entire networks using certain software programs and network structures.

But throughout the Cyber Grand Challenge, it will be computers — not people — that will be doing the attacking and defending. This approach requires that competitors — who include programmers from the University of California, Berkeley and SRI International — reverse-engineer software that organizers created for the challenge, and locate and heal its hidden weaknesses in a real-time competition, DARPA officials said.

The final leg of the competition will take place in August 2016 in Las Vegas, and will be held in conjunction with the 24th annual DEF CON, one of the largest hacking conventions in the world.

While the two events will coincide, it's unclear whether both the highly anticipated DEF CON capture-the-flag competition and the final round of the Cyber Grand Challenge will occur simultaneously.

Earlier this week, to mark the start of the tournament, DARPA released DECREE, an open-source extension built atop the Linux operating system. The extension, which isn't compatible with any other software in the world, is designed to be used as a platform for testing small, isolated software samples.

Editor's Note: This story was updated to correct "Stanford Research Institute" to its official name, "SRI International." The research organization was founded as the Stanford Research Institute in 1946, but has officially been known as SRI International since the 1970s.

Editor's Recommendations

Elizabeth Palermo

Elizabeth is a Live Science staff writer who writes about science and technology. She graduated with a B.A. from the George Washington University. Elizabeth has traveled throughout the Americas, studying political systems and indigenous cultures and teaching English to students of all ages.